As technological advancements and the widespread adoption of social media continue to catapult the globe into the narrative of a “global village”, threats and security breaches associated with the technology are also on the rise. Nepal is no different. Alarming statistics paint a vivid picture of the escalating cybercrime landscape in Nepal, reflecting a global trend mirrored in many other countries.

According to the Cyber Bureau Nepal, there has been a surge in cybercrime cases. Reported incidents doubled in a year, where 4,686 cases were registered in the fiscal year 2078/2079, and 9,013 cases in the following fiscal year 2079/2080. Incidents were registered along various platforms and in various forms, and span a wide demographic, with victims including 87 male children, 272 female children, 6,979 females, 5,633 males, and 728 others during these two fiscal years, highlighting the threat of cybercriminal activities.

The ubiquity of the internet has enveloped the entire world, Nepal included, bringing with it both its benefits and drawbacks. While the proliferation of social media platforms has seen an exponential growth in users, alongside this growth, there has been a parallel surge in negative activities.

A surge in cases involving photo manipulation, revenge porn, ransomware attacks, defamation, impostor accounts, hacking, unauthorized access, website defacement, and other financially-motivated IT crimes has been evident in Nepal, as reported by the Cyber Bureau. These crimes not only cause financial losses but also inflict emotional distress and reputational damage on victims.

Over the span of just two months, during the Poush and Magh months, the Cyber Bureau recorded 1,613 and 1,703 cases, respectively.

As technologies and communication channels continue to evolve, so does the nature of criminal activities. Facebook/Messenger emerged as the platform with the highest number of reported crimes, escalating from 3,956 cases in the fiscal year 2078/79 to 6,782 cases in the subsequent fiscal year 2079/80. Notably, during Poush and Magh, 1,402 and 1,488 cybercrime cases were registered under the platform Facebook/Messenger, indicating the platform’s vulnerability to various forms of exploitation by cybercriminals.

Instances of cybercrimes on WhatsApp and Instagram are also on the rise. The Cyber Bureau reported 96 cases in FY 2078/79 for WhatsApp, which increased to 285 in FY 2079/80. Similarly, Instagram witnessed a staggering increase of over 700%, with reported cases soaring from 76 to 551.

The ongoing digitalization of the world extends to every aspect, including banking, where fraud is proliferating. In FY 2078/79, 127 cases were registered under the heading of bank/organization/institution, and 23 cases under mobile wallet, e-Sewa. These figures surged to 221 cases for banking fraud and 196 for e-Sewa in FY 2079/80. Financial institutions face significant challenges in combating cyber threats while ensuring the security and integrity of their online banking services.

Alarmingly, the victims of these cyber-related crimes are disproportionately female, with girls and women bearing the brunt of the impact. The repercussions of cybercrime extend beyond the digital realm, deeply affecting the daily lives of its victims. The evidence indicates incidents of photo exploitation resulting in extortion, unauthorized access to social media profiles, and the distressing exposure of revenge porn targeting victims.

These cases not only underscore the prevalence of cybercrimes but also shed light on the mental health challenges faced by the victims. It also portrays the urgent need for a comprehensive approach to cybersecurity, including updating legal frameworks, strengthening technical defenses, protecting individuals’ rights and privacy in the digital age and raising public awareness about cyber safety.

The threat landscape of cybercrime looms large, demanding robust legislative measures to safeguard individuals, businesses, and national interests. In Nepal, the Electronic Transaction Act 2063 serves as the primary legal framework governing electronic transactions and addressing cybercrimes. However, despite its foundational significance, critiques deliberate its effectiveness in tackling modern cyber threats.

According to advocate Rastra Bimochan Timalsena, “Section 47 of the Act defines any illegal act done through the internet as a crime. However, the act itself is not comprehensive. It doesn’t differentiate between the various types of crimes, and their punishments are treated with the same tendency.”

Moreover, the act’s failure to keep pace with technological advancements exacerbates its shortcomings. In contrast to Asian countries like China, Singapore, India and Japan, which have enacted comprehensive cybersecurity laws, Nepal’s legislation lacks provisions to address evolving cyber threats adequately. These countries prioritize data protection, establish frameworks for overseeing critical infrastructure, and engage in international cooperation to combat cybercrime.

China’s Cybersecurity Law imposes stringent requirements on network operators and critical infrastructure sectors, ensuring heightened resilience against cyber threats. Similarly, Singapore’s Cybersecurity Act provides a robust legal framework for safeguarding critical information infrastructure, with stringent penalties for non-compliance. Japan’s Cybersecurity Strategic Headquarters coordinates efforts to enhance cybersecurity capabilities, reflecting a proactive approach to safeguarding national interests in the digital realm. India’s Information Technology Act offers clearer definitions, broader coverage, and stronger enforcement mechanisms – however India’s broader engagement is one to consider when thinking of addressing cybercrime through a legal mechanism only. The country is battling with an upsurge on online hate-crime, especially affecting its marginalized communities. It is therefore important to address cyber-crime from a sociopolitical perspective as well. For example, asking the question why are women and children disproportionately affected by cyber-crime? Is it because crime also has a socio-political background, and “online” is just the medium?

Furthermore, it is also important to promote digital literacy and awareness, recognizing the pivotal role of education in mitigating cyber risks. Nepal lacks focused provisions for promoting digital literacy, leaving individuals vulnerable to cyber threats due to a lack of awareness.

Additionally, Nepal’s cybersecurity legislation falls short in addressing the cross-border nature of cybercrime, hampered by limited enforcement capabilities and forensic resources. The absence of mechanisms for timely updates further compounds these challenges, rendering the legislation inadequate in effectively combating cyber threats.